Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

winrscmde a virus?


  • Please log in to reply
4 replies to this topic

#1 warman343

warman343

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 06 July 2012 - 01:46 PM

about a few days ago, was watching some youtube videos, when my computer sudenlly restarted on its own. once i was back to my desktop, and after a few min. i hear an ad or something playing. this was when nothing was open. i looked in my task manager to find what might be making it but nothing was found. now i opened my volume mixer when it was playing and found that it was this program: winrscmde. it wasn't there before the restart. so, i googled winrscmde and found this site. i looked through the forums and found similar problems that other poeple are having.
if this really a virus and how can i get rid of it?

-Thanks

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:17 AM

Posted 06 July 2012 - 02:05 PM

Hello andwelcome,this can be an Aleuron/TDSS infection.. So lets look at some things.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Next run....

Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Next run Superantisypware (SAS):

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 warman343

warman343
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 07 July 2012 - 04:01 PM

for posting, you mean by posting my results to this page?

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:17 AM

Posted 07 July 2012 - 05:22 PM

Yes, post the scan logs here.. copy/paste them.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 warman343

warman343
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 08 July 2012 - 03:36 PM

here are the logs. not quite sure what you can get out of all this, but after all that i've done, i see no problems.
thanks for helping.

MiniToolBox by Farbar Version: 25-06-2012
Ran by Chris (administrator) on 07-07-2012 at 15:58:41
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Hawking Wireless-N Network Adapter = Wireless Network Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=5.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Warman
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-0E-3B-33-0B-8F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Tunngle:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
Physical Address. . . . . . . . . : 00-FF-7D-DA-5E-BE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hawking Wireless-N Network Adapter
Physical Address. . . . . . . . . : 00-0E-3B-33-0B-8E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c060:83e2:febe:1761%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.136(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, July 07, 2012 11:30:58 AM
Lease Expires . . . . . . . . . . : Sunday, July 08, 2012 11:30:58 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 301993531
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-06-20-42-1C-6F-65-32-A3-39
DNS Servers . . . . . . . . . . . : 97.64.168.12
97.64.183.165
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 1C-6F-65-32-A3-39
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Hamachi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-05-CC-0B-48
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2620:9b::5cc:b48(Preferred)
Link-local IPv6 Address . . . . . : fe80::c068:40df:6392:2014%13(Preferred)
IPv4 Address. . . . . . . . . . . : 5.204.11.72(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : Saturday, July 07, 2012 11:28:09 AM
Lease Expires . . . . . . . . . . : Sunday, July 07, 2013 11:28:24 AM
Default Gateway . . . . . . . . . : 5.0.0.1
DHCP Server . . . . . . . . . . . : 5.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 410679770
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-06-20-42-1C-6F-65-32-A3-39
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{C1A0FCB5-C981-4FA6-A481-B35613D13AC8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7DDA5EBE-DD05-4F4F-B80A-766D65A5B585}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{684F4132-3F26-458D-8100-51B1DC9D29E5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:102a:f33:52ea:29a7(Preferred)
Link-local IPv6 Address . . . . . : fe80::102a:f33:52ea:29a7%19(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dsmdc-dns-dts10.mcomdc.com
Address: 97.64.168.12

Name: google.com
Addresses: 2607:f8b0:4009:801::1007
74.125.225.68
74.125.225.69
74.125.225.70
74.125.225.71
74.125.225.72
74.125.225.73
74.125.225.78
74.125.225.64
74.125.225.65
74.125.225.66
74.125.225.67


Pinging google.com [74.125.225.72] with 32 bytes of data:
Reply from 74.125.225.72: bytes=32 time=74ms TTL=53
Reply from 74.125.225.72: bytes=32 time=18ms TTL=53

Ping statistics for 74.125.225.72:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 74ms, Average = 46ms
Server: dsmdc-dns-dts10.mcomdc.com
Address: 97.64.168.12

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=133ms TTL=49
Reply from 72.30.38.140: bytes=32 time=69ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 69ms, Maximum = 133ms, Average = 101ms
Server: dsmdc-dns-dts10.mcomdc.com
Address: 97.64.168.12

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...00 0e 3b 33 0b 8f ......Microsoft Virtual WiFi Miniport Adapter
18...00 ff 7d da 5e be ......TAP-Win32 Adapter V9 (Tunngle)
11...00 0e 3b 33 0b 8e ......Hawking Wireless-N Network Adapter
10...1c 6f 65 32 a3 39 ......Realtek PCIe GBE Family Controller
13...7a 79 05 cc 0b 48 ......Hamachi Network Interface
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 5.0.0.1 5.204.11.72 9256
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.136 25
5.0.0.0 255.0.0.0 On-link 5.204.11.72 9256
5.204.11.72 255.255.255.255 On-link 5.204.11.72 9256
5.255.255.255 255.255.255.255 On-link 5.204.11.72 9256
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.136 281
192.168.1.136 255.255.255.255 On-link 192.168.1.136 281
192.168.1.255 255.255.255.255 On-link 192.168.1.136 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.136 281
224.0.0.0 240.0.0.0 On-link 5.204.11.72 9256
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.136 281
255.255.255.255 255.255.255.255 On-link 5.204.11.72 9256
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 5.0.0.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:5ef5:79fd:102a:f33:52ea:29a7/128
On-link
13 276 2620:9b::/96 On-link
13 276 2620:9b::5cc:b48/128 On-link
11 281 fe80::/64 On-link
13 276 fe80::/64 On-link
19 306 fe80::/64 On-link
19 306 fe80::102a:f33:52ea:29a7/128
On-link
11 281 fe80::c060:83e2:febe:1761/128
On-link
13 276 fe80::c068:40df:6392:2014/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
11 281 ff00::/8 On-link
13 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/07/2012 11:57:27 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d459ae94-5512-4bc7-b9f1-db8721f8fb9a}

Error: (07/07/2012 11:41:34 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: mshtml.dll, version: 8.0.7601.17824, time stamp: 0x4f90eac5
Exception code: 0xc0000005
Fault offset: 0x001fa94e
Faulting process id: 0x1728
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/07/2012 11:32:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: mshtml.dll, version: 8.0.7601.17824, time stamp: 0x4f90eac5
Exception code: 0xc0000005
Fault offset: 0x001fa94e
Faulting process id: 0xe2c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/06/2012 09:23:06 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8d33e19a-63e6-45eb-a7c7-cbc325231610}

Error: (07/06/2012 08:55:10 PM) (Source: McLogEvent) (User: NT AUTHORITY)NT AUTHORITY
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3

Error: (07/06/2012 08:54:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: mshtml.dll, version: 8.0.7601.17824, time stamp: 0x4f90eac5
Exception code: 0xc0000005
Fault offset: 0x001fa94e
Faulting process id: 0xecc
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (07/06/2012 08:53:06 PM) (Source: McLogEvent) (User: NT AUTHORITY)NT AUTHORITY
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3

Error: (07/06/2012 11:11:01 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {35cdc42e-ad93-4611-9637-43ee0e82ec3b}

Error: (07/06/2012 10:40:31 AM) (Source: McLogEvent) (User: NT AUTHORITY)NT AUTHORITY
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 3500 (0xdac)

Thread address : 0x0000000077AC135A

Thread message :

Build VSCORE.14.4.0.387 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\PROGRA~2\Java\jre6\bin\jkernel.dll
by globalroot\systemroot\svchost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (07/06/2012 10:36:35 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: mshtml.dll, version: 8.0.7601.17824, time stamp: 0x4f90eac5
Exception code: 0xc0000005
Fault offset: 0x001fa94e
Faulting process id: 0xbec
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (07/07/2012 11:32:38 AM) (Source: DCOM) (User: )
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}

Error: (07/07/2012 11:28:11 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error:
%%1053

Error: (07/07/2012 11:28:11 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

Error: (07/07/2012 11:28:09 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/06/2012 08:53:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (07/06/2012 10:40:31 AM) (Source: Service Control Manager) (User: )
Description: The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (07/06/2012 10:32:33 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:31:23 AM on ?7/?6/?2012 was unexpected.

Error: (07/02/2012 01:58:25 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (07/02/2012 00:50:46 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (06/22/2012 05:32:46 PM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.


Microsoft Office Sessions:
=========================
Error: (07/07/2012 11:57:27 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d459ae94-5512-4bc7-b9f1-db8721f8fb9a}

Error: (07/07/2012 11:41:34 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5mshtml.dll8.0.7601.178244f90eac5c0000005001fa94e172801cd5c5e35b8ad0b\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\mshtml.dll9c357d19-c852-11e1-9418-1c6f6532a339

Error: (07/07/2012 11:32:57 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5mshtml.dll8.0.7601.178244f90eac5c0000005001fa94ee2c01cd5c5d85ee8c56\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\mshtml.dll683491fb-c851-11e1-9418-1c6f6532a339

Error: (07/06/2012 09:23:06 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8d33e19a-63e6-45eb-a7c7-cbc325231610}

Error: (07/06/2012 08:55:10 PM) (Source: McLogEvent)(User: NT AUTHORITY)NT AUTHORITY
Description: 3

Error: (07/06/2012 08:54:40 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5mshtml.dll8.0.7601.178244f90eac5c0000005001fa94eecc01cd5be3606e2d90\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\mshtml.dllb66dc83d-c7d6-11e1-a0b0-1c6f6532a339

Error: (07/06/2012 08:53:06 PM) (Source: McLogEvent)(User: NT AUTHORITY)NT AUTHORITY
Description: 3

Error: (07/06/2012 11:11:01 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {35cdc42e-ad93-4611-9637-43ee0e82ec3b}

Error: (07/06/2012 10:40:31 AM) (Source: McLogEvent)(User: NT AUTHORITY)NT AUTHORITY
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900003500 (0xdac)0x0000000077AC135A
Build VSCORE.14.4.0.387 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\PROGRA~2\Java\jre6\bin\jkernel.dll
by globalroot\systemroot\svchost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (07/06/2012 10:36:35 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5mshtml.dll8.0.7601.178244f90eac5c0000005001fa94ebec01cd5b8cb4011e22\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\mshtml.dll5e386ee7-c780-11e1-bd85-1c6f6532a339


=========================== Installed Programs ============================

"Faces of War" (Remove Only) (Version: 1.0.1)
@BIOS Ver.2.06 (Version: 2.06)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader 7.0.8 (Version: 7.0.8)
Age of Empires Online
Aliens versus Predator Classic 2000
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
Anime Studio Pro 8.0 (Version: 8.0)
APB Reloaded (Version: 1.3.3.560517)
ARMA 2
ARMA 2: Operation Arrowhead
Assassin's Creed Brotherhood
ATI AVIVO64 Codecs (Version: 11.6.0.50930)
ATI Problem Report Wizard (Version: 3.0.795.0)
Audacity 1.3.13 (Unicode)
AutoGreen B09.1014.2 (Version: 1.00.0000)
Battlefield: Bad Company 2
BattlEye for OA Uninstall
Black & White® 2 Demo (Version: 1.00.0000)
Borderlands
Browser Configuration Utility (Version: 1.1.18.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0405.2205.37728)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility64 (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
Chantelise
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Command & Conquer Generals (Version: 0.50.0000)
Command and ConquerTM Generals Zero Hour (Version: 1.00.0000)
Company of Heroes
Company of Heroes: Opposing Fronts
D3DX10 (Version: 15.4.2368.0902)
Darksiders
DarksidersInstaller (Version: 1.00.1000)
Dead Island
DealBulldog Toolbar
DES 2.0 (Version: 1.00.0000)
Desura (Version: 100.53)
Dual-Core Optimizer (Version: 1.1.4.0169)
Duke Nukem 3D
Dungeons of Dredmor
Easy Tune 6 B10.0420.1 (Version: 1.00.0000)
Empire: Total War
EVE Online: Incursion
Foxit Reader
Fraps (remove only)
Game Booster 3 (Version: 3.2)
GameRanger
Garry's Mod
Gigabyte Raid Configurer (Version: 1.00.0001)
Global Agenda
Grand Theft Auto IV
GRID
Half-Life 2
Hawking Hi-Gain Amplified Wireless-N USB Adapter (Version: 1.5.6.0)
Homeworld
HydraVision (Version: 4.2.180.0)
HyperCam 2 (Version: 2.25.01)
Impulse (Version: 3.29)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 25 (Version: 6.0.250)
Java™ 6 Update 29 (64-bit) (Version: 6.0.290)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 7 Update 3 (64-bit) (Version: 7.0.30)
koihimemusou_trial (Version: 1.00.0000)
League of Legends (Version: 1.3)
Left 4 Dead
Left 4 Dead 2
LogMeIn Hamachi (Version: 2.1.0.210)
Magicka
McAfee Total Protection (Version: 11.0.669)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Mount & Blade: Warband
MSVCRT (Version: 15.4.2862.0708)
Mumble 1.2.3 (Version: 1.2.3)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.18.0)
Nuclear Dawn Beta
NVIDIA PhysX (Version: 9.10.0129)
ON_OFF Charge B10.0422.2 (Version: 1.00.0001)
OpenAL
Operation Flashpoint: Dragon Rising
Orcs Must Die!
Pando Media Booster (Version: 2.6.0.7)
PunkBuster Services (Version: 0.993)
Realm of the Mad God
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6077)
Rome: Total War Gold Edition
Rusty Hearts
Samsung_MonSetup (Version: 1.00.0000)
ShockWave 1.1
Sins of a Solar Empire
Sins of a Solar Empire - Diplomacy
Sins of a Solar Empire - Entrenchment
Sins of a Solar Empire: Rebellion Beta
Skype Click to Call (Version: 6.0.10297)
Skype™ 5.8 (Version: 5.8.158)
Smart 6 B10.0422.1 (Version: 1.00.0000)
Source SDK
Source SDK Base 2007
Spiral Knights
Spore
Star Trek Online
Star Wars: Empire at War Gold
Steam (Version: 1.0.0.0)
Stronghold 3
Supreme Commander 2
Team Fortress 2
TeamSpeak 3 Client (Version: 3.0.7)
Terraria
The Sims™ 3
Total War: SHOGUN 2
Tribes: Ascend
Tunngle beta
Ubisoft Game Launcher (Version: 1.0.0.0)
UninstallBlitz
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Utawarerumono English v1.1
Warcraft III
Warhammer 40,000 Space Marine
Warhammer® 40,000®: Dawn of War® II – Retribution™
Warhammer® 40,000™: Dawn of War® II
Warhammer® 40,000™: Dawn of War® II – Chaos Rising™
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
World of Tanks closed Beta v.0.6.3.8
Yu-Gi-Oh! ONLINE 3 (Version: 1.00.3000)

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 6142.43 MB
Available physical RAM: 3218 MB
Total Pagefile: 12283.05 MB
Available Pagefile: 8377.75 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.75 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:376.92 GB) NTFS

========================= Users: ========================================

User accounts for \\WARMAN

Administrator Chris Guest


**** End of log ****


16:02:29.0331 6640 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
16:02:29.0991 6640 ============================================================
16:02:29.0991 6640 Current date / time: 2012/07/07 16:02:29.0991
16:02:29.0991 6640 SystemInfo:
16:02:29.0991 6640
16:02:29.0991 6640 OS Version: 6.1.7601 ServicePack: 1.0
16:02:29.0991 6640 Product type: Workstation
16:02:29.0991 6640 ComputerName: WARMAN
16:02:29.0991 6640 UserName: Chris
16:02:29.0991 6640 Windows directory: C:\Windows
16:02:29.0991 6640 System windows directory: C:\Windows
16:02:29.0991 6640 Running under WOW64
16:02:29.0991 6640 Processor architecture: Intel x64
16:02:29.0991 6640 Number of processors: 8
16:02:29.0991 6640 Page size: 0x1000
16:02:29.0991 6640 Boot type: Normal boot
16:02:29.0991 6640 ============================================================
16:02:31.0471 6640 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
16:02:31.0471 6640 ============================================================
16:02:31.0471 6640 \Device\Harddisk0\DR0:
16:02:31.0471 6640 MBR partitions:
16:02:31.0471 6640 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:02:31.0471 6640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
16:02:31.0471 6640 ============================================================
16:02:31.0501 6640 C: <-> \Device\Harddisk0\DR0\Partition1
16:02:31.0501 6640 ============================================================
16:02:31.0501 6640 Initialize success
16:02:31.0501 6640 ============================================================
16:03:01.0451 7676 ============================================================
16:03:01.0451 7676 Scan started
16:03:01.0451 7676 Mode: Manual; TDLFS;
16:03:01.0451 7676 ============================================================
16:03:02.0761 7676 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:03:02.0761 7676 1394ohci - ok
16:03:02.0821 7676 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:03:02.0821 7676 ACPI - ok
16:03:02.0861 7676 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:03:02.0891 7676 AcpiPmi - ok
16:03:03.0011 7676 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:03:03.0021 7676 AdobeFlashPlayerUpdateSvc - ok
16:03:03.0091 7676 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:03:03.0111 7676 adp94xx - ok
16:03:03.0151 7676 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:03:03.0161 7676 adpahci - ok
16:03:03.0181 7676 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:03:03.0181 7676 adpu320 - ok
16:03:03.0221 7676 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:03:03.0221 7676 AeLookupSvc - ok
16:03:03.0301 7676 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:03:03.0341 7676 AFD - ok
16:03:03.0381 7676 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:03:03.0381 7676 agp440 - ok
16:03:03.0391 7676 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:03:03.0401 7676 ALG - ok
16:03:03.0411 7676 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:03:03.0411 7676 aliide - ok
16:03:03.0471 7676 AMD External Events Utility (20c8a3e435a47f0408a1ea674afa6194) C:\Windows\system32\atiesrxx.exe
16:03:03.0501 7676 AMD External Events Utility - ok
16:03:03.0521 7676 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:03:03.0521 7676 amdide - ok
16:03:03.0571 7676 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:03:03.0571 7676 AmdK8 - ok
16:03:03.0951 7676 amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
16:03:04.0141 7676 amdkmdag - ok
16:03:04.0261 7676 amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys
16:03:04.0291 7676 amdkmdap - ok
16:03:04.0301 7676 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:03:04.0301 7676 AmdPPM - ok
16:03:04.0351 7676 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:03:04.0381 7676 amdsata - ok
16:03:04.0431 7676 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:03:04.0441 7676 amdsbs - ok
16:03:04.0451 7676 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:03:04.0481 7676 amdxata - ok
16:03:04.0541 7676 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:03:04.0571 7676 AppID - ok
16:03:04.0571 7676 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:03:04.0581 7676 AppIDSvc - ok
16:03:04.0631 7676 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:03:04.0661 7676 Appinfo - ok
16:03:04.0711 7676 AppleCharger (a632d9ea15f37d2605a7fcaf3892ec96) C:\Windows\system32\DRIVERS\AppleCharger.sys
16:03:04.0741 7676 AppleCharger - ok
16:03:04.0751 7676 AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe
16:03:04.0791 7676 AppleChargerSrv - ok
16:03:04.0841 7676 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:03:04.0851 7676 arc - ok
16:03:04.0851 7676 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:03:04.0861 7676 arcsas - ok
16:03:04.0961 7676 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:03:04.0991 7676 aspnet_state - ok
16:03:05.0031 7676 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:03:05.0031 7676 AsyncMac - ok
16:03:05.0061 7676 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:03:05.0061 7676 atapi - ok
16:03:05.0121 7676 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
16:03:05.0151 7676 AtiHDAudioService - ok
16:03:05.0221 7676 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:03:05.0231 7676 AudioEndpointBuilder - ok
16:03:05.0231 7676 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:03:05.0241 7676 AudioSrv - ok
16:03:05.0301 7676 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:03:05.0321 7676 AxInstSV - ok
16:03:05.0381 7676 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:03:05.0391 7676 b06bdrv - ok
16:03:05.0451 7676 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:03:05.0451 7676 b57nd60a - ok
16:03:05.0521 7676 BCUService (382b151daffe4a9ce9da9f564b66761e) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
16:03:05.0571 7676 BCUService - ok
16:03:05.0601 7676 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:03:05.0601 7676 BDESVC - ok
16:03:05.0631 7676 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:03:05.0631 7676 Beep - ok
16:03:05.0711 7676 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:03:05.0751 7676 BFE - ok
16:03:05.0801 7676 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:03:05.0871 7676 BITS - ok
16:03:05.0941 7676 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:03:05.0941 7676 blbdrive - ok
16:03:05.0981 7676 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:03:06.0011 7676 bowser - ok
16:03:06.0021 7676 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:03:06.0031 7676 BrFiltLo - ok
16:03:06.0041 7676 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:03:06.0041 7676 BrFiltUp - ok
16:03:06.0081 7676 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:03:06.0101 7676 Browser - ok
16:03:06.0111 7676 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:03:06.0121 7676 Brserid - ok
16:03:06.0151 7676 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:03:06.0151 7676 BrSerWdm - ok
16:03:06.0161 7676 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:03:06.0161 7676 BrUsbMdm - ok
16:03:06.0171 7676 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:03:06.0171 7676 BrUsbSer - ok
16:03:06.0191 7676 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:03:06.0191 7676 BTHMODEM - ok
16:03:06.0211 7676 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:03:06.0211 7676 bthserv - ok
16:03:06.0221 7676 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:03:06.0231 7676 cdfs - ok
16:03:06.0291 7676 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
16:03:06.0321 7676 cdrom - ok
16:03:06.0361 7676 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:03:06.0391 7676 CertPropSvc - ok
16:03:06.0451 7676 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
16:03:06.0481 7676 cfwids - ok
16:03:06.0531 7676 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:03:06.0531 7676 circlass - ok
16:03:06.0571 7676 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:03:06.0571 7676 CLFS - ok
16:03:06.0611 7676 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:03:06.0611 7676 clr_optimization_v2.0.50727_32 - ok
16:03:06.0641 7676 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:03:06.0641 7676 clr_optimization_v2.0.50727_64 - ok
16:03:06.0731 7676 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:03:06.0771 7676 clr_optimization_v4.0.30319_32 - ok
16:03:06.0831 7676 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:03:06.0871 7676 clr_optimization_v4.0.30319_64 - ok
16:03:06.0911 7676 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:03:06.0911 7676 CmBatt - ok
16:03:06.0941 7676 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:03:06.0941 7676 cmdide - ok
16:03:06.0991 7676 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:03:07.0021 7676 CNG - ok
16:03:07.0031 7676 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:03:07.0031 7676 Compbatt - ok
16:03:07.0081 7676 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:03:07.0111 7676 CompositeBus - ok
16:03:07.0131 7676 COMSysApp - ok
16:03:07.0151 7676 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:03:07.0151 7676 crcdisk - ok
16:03:07.0211 7676 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:03:07.0231 7676 CryptSvc - ok
16:03:07.0291 7676 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:03:07.0291 7676 DcomLaunch - ok
16:03:07.0351 7676 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:03:07.0351 7676 defragsvc - ok
16:03:07.0451 7676 DES2 Service (fdc0c5adde1cde6edb0bef78f0699af3) C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
16:03:07.0491 7676 DES2 Service - ok
16:03:07.0561 7676 Desura Install Service (2b9a817dc1bdad9ce5495099b6a7136a) C:\Program Files (x86)\Common Files\Desura\desura_service.exe
16:03:07.0591 7676 Desura Install Service - ok
16:03:07.0641 7676 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:03:07.0671 7676 DfsC - ok
16:03:07.0721 7676 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:03:07.0751 7676 Dhcp - ok
16:03:07.0761 7676 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:03:07.0771 7676 discache - ok
16:03:07.0821 7676 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:03:07.0821 7676 Disk - ok
16:03:07.0871 7676 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:03:07.0891 7676 Dnscache - ok
16:03:07.0931 7676 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:03:07.0961 7676 dot3svc - ok
16:03:07.0991 7676 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:03:07.0991 7676 DPS - ok
16:03:08.0031 7676 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:03:08.0031 7676 drmkaud - ok
16:03:08.0091 7676 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:03:08.0141 7676 DXGKrnl - ok
16:03:08.0211 7676 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:03:08.0211 7676 EapHost - ok
16:03:08.0331 7676 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:03:08.0391 7676 ebdrv - ok
16:03:08.0481 7676 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:03:08.0511 7676 EFS - ok
16:03:08.0591 7676 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:03:08.0631 7676 ehRecvr - ok
16:03:08.0651 7676 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:03:08.0651 7676 ehSched - ok
16:03:08.0721 7676 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:03:08.0731 7676 elxstor - ok
16:03:08.0771 7676 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:03:08.0781 7676 ErrDev - ok
16:03:08.0851 7676 etdrv (84486624268e078255bc7aa47f0960bc) C:\Windows\etdrv.sys
16:03:08.0881 7676 etdrv - ok
16:03:08.0921 7676 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:03:08.0931 7676 EventSystem - ok
16:03:08.0941 7676 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:03:08.0941 7676 exfat - ok
16:03:08.0961 7676 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:03:08.0961 7676 fastfat - ok
16:03:09.0011 7676 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:03:09.0051 7676 Fax - ok
16:03:09.0061 7676 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:03:09.0071 7676 fdc - ok
16:03:09.0081 7676 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:03:09.0081 7676 fdPHost - ok
16:03:09.0091 7676 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:03:09.0091 7676 FDResPub - ok
16:03:09.0101 7676 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:03:09.0101 7676 FileInfo - ok
16:03:09.0111 7676 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:03:09.0111 7676 Filetrace - ok
16:03:09.0121 7676 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:03:09.0121 7676 flpydisk - ok
16:03:09.0171 7676 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:03:09.0181 7676 FltMgr - ok
16:03:09.0251 7676 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:03:09.0271 7676 FontCache - ok
16:03:09.0331 7676 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:03:09.0341 7676 FontCache3.0.0.0 - ok
16:03:09.0361 7676 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:03:09.0361 7676 FsDepends - ok
16:03:09.0381 7676 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:03:09.0411 7676 Fs_Rec - ok
16:03:09.0471 7676 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:03:09.0511 7676 fvevol - ok
16:03:09.0541 7676 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:03:09.0541 7676 gagp30kx - ok
16:03:09.0581 7676 gdrv (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys
16:03:09.0611 7676 gdrv - ok
16:03:09.0661 7676 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:03:09.0681 7676 gpsvc - ok
16:03:09.0721 7676 GVTDrv64 (8126331fbd4ed29eb3b356f9c905064d) C:\Windows\GVTDrv64.sys
16:03:09.0751 7676 GVTDrv64 - ok
16:03:09.0821 7676 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
16:03:09.0851 7676 hamachi - ok
16:03:10.0071 7676 Hamachi2Svc (21d24138b736983f6e23823e092e9428) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
16:03:10.0131 7676 Hamachi2Svc - ok
16:03:10.0211 7676 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:03:10.0221 7676 hcw85cir - ok
16:03:10.0271 7676 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:03:10.0311 7676 HdAudAddService - ok
16:03:10.0351 7676 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:03:10.0351 7676 HDAudBus - ok
16:03:10.0361 7676 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:03:10.0371 7676 HidBatt - ok
16:03:10.0381 7676 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:03:10.0391 7676 HidBth - ok
16:03:10.0401 7676 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:03:10.0401 7676 HidIr - ok
16:03:10.0421 7676 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:03:10.0421 7676 hidserv - ok
16:03:10.0461 7676 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:03:10.0491 7676 HidUsb - ok
16:03:10.0531 7676 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:03:10.0551 7676 hkmsvc - ok
16:03:10.0601 7676 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:03:10.0621 7676 HomeGroupListener - ok
16:03:10.0661 7676 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:03:10.0671 7676 HomeGroupProvider - ok
16:03:10.0711 7676 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:03:10.0741 7676 HpSAMD - ok
16:03:10.0831 7676 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:03:10.0881 7676 HTTP - ok
16:03:10.0941 7676 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:03:10.0961 7676 hwpolicy - ok
16:03:11.0021 7676 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:03:11.0021 7676 i8042prt - ok
16:03:11.0091 7676 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:03:11.0131 7676 iaStorV - ok
16:03:11.0211 7676 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:03:11.0251 7676 IDriverT - ok
16:03:11.0321 7676 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:03:11.0371 7676 idsvc - ok
16:03:11.0421 7676 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:03:11.0431 7676 iirsp - ok
16:03:11.0471 7676 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:03:11.0501 7676 IKEEXT - ok
16:03:11.0631 7676 IntcAzAudAddService (163f94ebf8f8a98616a6b804af08d736) C:\Windows\system32\drivers\RTKVHD64.sys
16:03:11.0691 7676 IntcAzAudAddService - ok
16:03:11.0761 7676 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:03:11.0761 7676 intelide - ok
16:03:11.0801 7676 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:03:11.0801 7676 intelppm - ok
16:03:11.0821 7676 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:03:11.0831 7676 IPBusEnum - ok
16:03:11.0861 7676 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:03:11.0891 7676 IpFilterDriver - ok
16:03:11.0951 7676 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:03:11.0951 7676 iphlpsvc - ok
16:03:11.0981 7676 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:03:12.0011 7676 IPMIDRV - ok
16:03:12.0021 7676 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:03:12.0031 7676 IPNAT - ok
16:03:12.0061 7676 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:03:12.0061 7676 IRENUM - ok
16:03:12.0071 7676 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:03:12.0071 7676 isapnp - ok
16:03:12.0111 7676 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:03:12.0141 7676 iScsiPrt - ok
16:03:12.0241 7676 JMB36X (f3a41ec4c6506e76e07a219b3a1df8d2) C:\Windows\SysWOW64\XSrvSetup.exe
16:03:12.0281 7676 JMB36X - ok
16:03:12.0341 7676 JRAID (1c368c1a2733dcc5b8e15420aa2b0f6d) C:\Windows\system32\DRIVERS\jraid.sys
16:03:12.0371 7676 JRAID - ok
16:03:12.0411 7676 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:03:12.0421 7676 kbdclass - ok
16:03:12.0471 7676 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:03:12.0501 7676 kbdhid - ok
16:03:12.0521 7676 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:03:12.0521 7676 KeyIso - ok
16:03:12.0551 7676 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:03:12.0581 7676 KSecDD - ok
16:03:12.0621 7676 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:03:12.0651 7676 KSecPkg - ok
16:03:12.0651 7676 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:03:12.0661 7676 ksthunk - ok
16:03:12.0691 7676 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:03:12.0711 7676 KtmRm - ok
16:03:12.0781 7676 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:03:12.0811 7676 LanmanServer - ok
16:03:12.0831 7676 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:03:12.0861 7676 LanmanWorkstation - ok
16:03:12.0891 7676 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:03:12.0901 7676 lltdio - ok
16:03:12.0941 7676 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:03:12.0951 7676 lltdsvc - ok
16:03:12.0951 7676 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:03:12.0961 7676 lmhosts - ok
16:03:13.0001 7676 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:03:13.0001 7676 LSI_FC - ok
16:03:13.0021 7676 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:03:13.0021 7676 LSI_SAS - ok
16:03:13.0041 7676 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:03:13.0041 7676 LSI_SAS2 - ok
16:03:13.0061 7676 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:03:13.0061 7676 LSI_SCSI - ok
16:03:13.0111 7676 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:03:13.0111 7676 luafv - ok
16:03:13.0221 7676 McAfee SiteAdvisor Service (be8c524313db75fa26fb2b0c0aaff88e) c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
16:03:13.0261 7676 McAfee SiteAdvisor Service - ok
16:03:13.0361 7676 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:03:13.0361 7676 McMPFSvc - ok
16:03:13.0391 7676 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:03:13.0391 7676 mcmscsvc - ok
16:03:13.0401 7676 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:03:13.0401 7676 McNaiAnn - ok
16:03:13.0411 7676 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:03:13.0411 7676 McNASvc - ok
16:03:13.0511 7676 McODS (dd01bf24dd6bf70a90549f9a7bb2d1eb) C:\Program Files\McAfee\VirusScan\mcods.exe
16:03:13.0511 7676 McODS - ok
16:03:13.0531 7676 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:03:13.0531 7676 McProxy - ok
16:03:13.0591 7676 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:03:13.0621 7676 McShield - ok
16:03:13.0661 7676 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:03:13.0681 7676 Mcx2Svc - ok
16:03:13.0741 7676 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:03:13.0741 7676 megasas - ok
16:03:13.0761 7676 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:03:13.0771 7676 MegaSR - ok
16:03:13.0801 7676 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
16:03:13.0831 7676 mfeapfk - ok
16:03:13.0871 7676 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
16:03:13.0901 7676 mfeavfk - ok
16:03:13.0981 7676 mfeavfk01 - ok
16:03:14.0011 7676 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:03:14.0041 7676 mfefire - ok
16:03:14.0111 7676 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
16:03:14.0151 7676 mfefirek - ok
16:03:14.0221 7676 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
16:03:14.0271 7676 mfehidk - ok
16:03:14.0311 7676 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
16:03:14.0341 7676 mfenlfk - ok
16:03:14.0391 7676 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
16:03:14.0431 7676 mferkdet - ok
16:03:14.0461 7676 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
16:03:14.0491 7676 mfevtp - ok
16:03:14.0561 7676 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
16:03:14.0591 7676 mfewfpk - ok
16:03:14.0641 7676 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:03:14.0651 7676 MMCSS - ok
16:03:14.0661 7676 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:03:14.0661 7676 Modem - ok
16:03:14.0701 7676 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:03:14.0711 7676 monitor - ok
16:03:14.0751 7676 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:03:14.0751 7676 mouclass - ok
16:03:14.0761 7676 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:03:14.0761 7676 mouhid - ok
16:03:14.0791 7676 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:03:14.0821 7676 mountmgr - ok
16:03:14.0871 7676 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:03:14.0901 7676 mpio - ok
16:03:14.0911 7676 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:03:14.0921 7676 mpsdrv - ok
16:03:14.0991 7676 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:03:15.0021 7676 MpsSvc - ok
16:03:15.0061 7676 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:03:15.0091 7676 MRxDAV - ok
16:03:15.0131 7676 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:03:15.0161 7676 mrxsmb - ok
16:03:15.0181 7676 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:03:15.0211 7676 mrxsmb10 - ok
16:03:15.0251 7676 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:03:15.0281 7676 mrxsmb20 - ok
16:03:15.0311 7676 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:03:15.0351 7676 msahci - ok
16:03:15.0381 7676 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:03:15.0421 7676 msdsm - ok
16:03:15.0441 7676 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:03:15.0441 7676 MSDTC - ok
16:03:15.0461 7676 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:03:15.0461 7676 Msfs - ok
16:03:15.0471 7676 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:03:15.0471 7676 mshidkmdf - ok
16:03:15.0501 7676 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:03:15.0501 7676 msisadrv - ok
16:03:15.0541 7676 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:03:15.0551 7676 MSiSCSI - ok
16:03:15.0551 7676 msiserver - ok
16:03:15.0711 7676 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:03:15.0711 7676 MSK80Service - ok
16:03:15.0751 7676 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:03:15.0751 7676 MSKSSRV - ok
16:03:15.0801 7676 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:03:15.0801 7676 MSPCLOCK - ok
16:03:15.0811 7676 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:03:15.0811 7676 MSPQM - ok
16:03:15.0851 7676 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:03:15.0881 7676 MsRPC - ok
16:03:15.0911 7676 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:03:15.0911 7676 mssmbios - ok
16:03:15.0921 7676 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:03:15.0921 7676 MSTEE - ok
16:03:15.0941 7676 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:03:15.0941 7676 MTConfig - ok
16:03:15.0991 7676 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:03:16.0001 7676 Mup - ok
16:03:16.0041 7676 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:03:16.0041 7676 napagent - ok
16:03:16.0091 7676 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:03:16.0101 7676 NativeWifiP - ok
16:03:16.0171 7676 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:03:16.0191 7676 NDIS - ok
16:03:16.0211 7676 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:03:16.0211 7676 NdisCap - ok
16:03:16.0251 7676 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:03:16.0251 7676 NdisTapi - ok
16:03:16.0311 7676 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:03:16.0341 7676 Ndisuio - ok
16:03:16.0391 7676 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:03:16.0421 7676 NdisWan - ok
16:03:16.0451 7676 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:03:16.0481 7676 NDProxy - ok
16:03:16.0501 7676 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:03:16.0501 7676 NetBIOS - ok
16:03:16.0541 7676 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:03:16.0571 7676 NetBT - ok
16:03:16.0601 7676 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:03:16.0601 7676 Netlogon - ok
16:03:16.0661 7676 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:03:16.0671 7676 Netman - ok
16:03:16.0781 7676 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:16.0811 7676 NetMsmqActivator - ok
16:03:16.0811 7676 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:16.0811 7676 NetPipeActivator - ok
16:03:16.0841 7676 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:03:16.0851 7676 netprofm - ok
16:03:16.0961 7676 netr28ux (1a8e9c7464b57a453c336884e1c69b01) C:\Windows\system32\DRIVERS\netr28ux.sys
16:03:17.0001 7676 netr28ux - ok
16:03:17.0021 7676 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:17.0031 7676 NetTcpActivator - ok
16:03:17.0031 7676 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:17.0031 7676 NetTcpPortSharing - ok
16:03:17.0111 7676 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:03:17.0111 7676 nfrd960 - ok
16:03:17.0171 7676 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:03:17.0181 7676 NlaSvc - ok
16:03:17.0191 7676 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:03:17.0191 7676 Npfs - ok
16:03:17.0201 7676 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:03:17.0201 7676 nsi - ok
16:03:17.0211 7676 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:03:17.0211 7676 nsiproxy - ok
16:03:17.0301 7676 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:03:17.0341 7676 Ntfs - ok
16:03:17.0381 7676 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:03:17.0381 7676 Null - ok
16:03:17.0401 7676 nusb3hub (785298579b5f9b4032152dfbb992fdb6) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:03:17.0431 7676 nusb3hub - ok
16:03:17.0451 7676 nusb3xhc (df2750481b4964814467c974f2b0eef1) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:03:17.0481 7676 nusb3xhc - ok
16:03:17.0541 7676 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:03:17.0571 7676 nvraid - ok
16:03:17.0631 7676 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:03:17.0661 7676 nvstor - ok
16:03:17.0701 7676 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:03:17.0711 7676 nv_agp - ok
16:03:17.0731 7676 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:03:17.0741 7676 ohci1394 - ok
16:03:17.0761 7676 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:03:17.0761 7676 p2pimsvc - ok
16:03:17.0781 7676 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:03:17.0801 7676 p2psvc - ok
16:03:17.0851 7676 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:03:17.0851 7676 Parport - ok
16:03:17.0911 7676 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:03:17.0941 7676 partmgr - ok
16:03:17.0961 7676 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:03:17.0961 7676 PcaSvc - ok
16:03:17.0991 7676 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:03:17.0991 7676 pci - ok
16:03:18.0001 7676 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:03:18.0001 7676 pciide - ok
16:03:18.0021 7676 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:03:18.0021 7676 pcmcia - ok
16:03:18.0031 7676 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:03:18.0041 7676 pcw - ok
16:03:18.0071 7676 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:03:18.0081 7676 PEAUTH - ok
16:03:18.0201 7676 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:03:18.0201 7676 PerfHost - ok
16:03:18.0311 7676 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:03:18.0341 7676 pla - ok
16:03:18.0381 7676 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:03:18.0381 7676 PlugPlay - ok
16:03:18.0411 7676 PnkBstrA - ok
16:03:18.0431 7676 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:03:18.0441 7676 PNRPAutoReg - ok
16:03:18.0461 7676 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:03:18.0461 7676 PNRPsvc - ok
16:03:18.0481 7676 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:03:18.0511 7676 PolicyAgent - ok
16:03:18.0531 7676 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:03:18.0541 7676 Power - ok
16:03:18.0591 7676 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:03:18.0621 7676 PptpMiniport - ok
16:03:18.0631 7676 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:03:18.0641 7676 Processor - ok
16:03:18.0691 7676 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:03:18.0691 7676 ProfSvc - ok
16:03:18.0721 7676 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:03:18.0721 7676 ProtectedStorage - ok
16:03:18.0771 7676 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:03:18.0781 7676 Psched - ok
16:03:18.0871 7676 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:03:18.0901 7676 ql2300 - ok
16:03:18.0941 7676 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:03:18.0951 7676 ql40xx - ok
16:03:18.0971 7676 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:03:18.0981 7676 QWAVE - ok
16:03:19.0001 7676 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:03:19.0001 7676 QWAVEdrv - ok
16:03:19.0081 7676 RalinkRegistryWriter (720fea3aaa15fe7e0beab10ac2e6d2b0) C:\Program Files (x86)\Hawking\Common\RaRegistry.exe
16:03:19.0131 7676 RalinkRegistryWriter - ok
16:03:19.0141 7676 RalinkRegistryWriter64 (178cef55e09dc320ff6561d4eeb4f632) C:\Program Files (x86)\Hawking\Common\RaRegistry64.exe
16:03:19.0171 7676 RalinkRegistryWriter64 - ok
16:03:19.0181 7676 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:03:19.0191 7676 RasAcd - ok
16:03:19.0241 7676 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:03:19.0241 7676 RasAgileVpn - ok
16:03:19.0251 7676 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:03:19.0251 7676 RasAuto - ok
16:03:19.0291 7676 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:03:19.0321 7676 Rasl2tp - ok
16:03:19.0361 7676 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:03:19.0381 7676 RasMan - ok
16:03:19.0391 7676 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:03:19.0401 7676 RasPppoe - ok
16:03:19.0441 7676 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:03:19.0441 7676 RasSstp - ok
16:03:19.0481 7676 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:03:19.0511 7676 rdbss - ok
16:03:19.0531 7676 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:03:19.0531 7676 rdpbus - ok
16:03:19.0541 7676 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:03:19.0541 7676 RDPCDD - ok
16:03:19.0581 7676 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:03:19.0581 7676 RDPENCDD - ok
16:03:19.0591 7676 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:03:19.0591 7676 RDPREFMP - ok
16:03:19.0621 7676 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:03:19.0651 7676 RDPWD - ok
16:03:19.0711 7676 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:03:19.0741 7676 rdyboost - ok
16:03:19.0761 7676 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:03:19.0771 7676 RemoteAccess - ok
16:03:19.0781 7676 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:03:19.0781 7676 RemoteRegistry - ok
16:03:19.0821 7676 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:03:19.0831 7676 RpcEptMapper - ok
16:03:19.0851 7676 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:03:19.0851 7676 RpcLocator - ok
16:03:19.0901 7676 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:03:19.0911 7676 RpcSs - ok
16:03:19.0921 7676 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:03:19.0921 7676 rspndr - ok
16:03:19.0951 7676 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:03:19.0991 7676 RTL8167 - ok
16:03:20.0021 7676 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:03:20.0021 7676 SamSs - ok
16:03:20.0051 7676 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:03:20.0081 7676 sbp2port - ok
16:03:20.0121 7676 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:03:20.0121 7676 SCardSvr - ok
16:03:20.0161 7676 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:03:20.0191 7676 scfilter - ok
16:03:20.0271 7676 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:03:20.0331 7676 Schedule - ok
16:03:20.0381 7676 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:03:20.0381 7676 SCPolicySvc - ok
16:03:20.0421 7676 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:03:20.0441 7676 SDRSVC - ok
16:03:20.0501 7676 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:03:20.0501 7676 secdrv - ok
16:03:20.0531 7676 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:03:20.0561 7676 seclogon - ok
16:03:20.0571 7676 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:03:20.0571 7676 SENS - ok
16:03:20.0611 7676 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:03:20.0611 7676 SensrSvc - ok
16:03:20.0631 7676 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:03:20.0631 7676 Serenum - ok
16:03:20.0671 7676 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:03:20.0671 7676 Serial - ok
16:03:20.0681 7676 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:03:20.0681 7676 sermouse - ok
16:03:20.0721 7676 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:03:20.0751 7676 SessionEnv - ok
16:03:20.0771 7676 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:03:20.0781 7676 sffdisk - ok
16:03:20.0781 7676 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:03:20.0781 7676 sffp_mmc - ok
16:03:20.0791 7676 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:03:20.0821 7676 sffp_sd - ok
16:03:20.0831 7676 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:03:20.0831 7676 sfloppy - ok
16:03:20.0891 7676 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:03:20.0901 7676 SharedAccess - ok
16:03:20.0951 7676 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:03:20.0971 7676 ShellHWDetection - ok
16:03:21.0031 7676 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:03:21.0041 7676 SiSRaid2 - ok
16:03:21.0051 7676 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:03:21.0051 7676 SiSRaid4 - ok
16:03:21.0291 7676 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:03:21.0341 7676 Skype C2C Service - ok
16:03:21.0441 7676 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:03:21.0451 7676 SkypeUpdate - ok
16:03:21.0501 7676 Smart TimeLock (101556f6216e97f1258d87c38203695f) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
16:03:21.0541 7676 Smart TimeLock - ok
16:03:21.0631 7676 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:03:21.0641 7676 Smb - ok
16:03:21.0691 7676 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:03:21.0691 7676 SNMPTRAP - ok
16:03:21.0701 7676 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:03:21.0711 7676 spldr - ok
16:03:21.0751 7676 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:03:21.0791 7676 Spooler - ok
16:03:21.0961 7676 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:03:21.0971 7676 sppsvc - ok
16:03:22.0001 7676 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:03:22.0001 7676 sppuinotify - ok
16:03:22.0051 7676 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:03:22.0091 7676 srv - ok
16:03:22.0151 7676 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:03:22.0191 7676 srv2 - ok
16:03:22.0231 7676 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:03:22.0261 7676 srvnet - ok
16:03:22.0311 7676 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:03:22.0311 7676 SSDPSRV - ok
16:03:22.0321 7676 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:03:22.0321 7676 SstpSvc - ok
16:03:22.0391 7676 Steam Client Service - ok
16:03:22.0411 7676 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:03:22.0411 7676 stexstor - ok
16:03:22.0461 7676 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:03:22.0491 7676 stisvc - ok
16:03:22.0521 7676 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:03:22.0521 7676 swenum - ok
16:03:22.0551 7676 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:03:22.0561 7676 swprv - ok
16:03:22.0651 7676 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:03:22.0671 7676 SysMain - ok
16:03:22.0751 7676 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:03:22.0771 7676 TabletInputService - ok
16:03:22.0831 7676 tap0901t (b08740047145b9bce15bf75ca0f9718a) C:\Windows\system32\DRIVERS\tap0901t.sys
16:03:22.0861 7676 tap0901t - ok
16:03:22.0901 7676 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:03:22.0921 7676 TapiSrv - ok
16:03:22.0931 7676 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:03:22.0931 7676 TBS - ok
16:03:23.0031 7676 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:03:23.0091 7676 Tcpip - ok
16:03:23.0211 7676 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:03:23.0221 7676 TCPIP6 - ok
16:03:23.0271 7676 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:03:23.0301 7676 tcpipreg - ok
16:03:23.0321 7676 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:03:23.0321 7676 TDPIPE - ok
16:03:23.0351 7676 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:03:23.0381 7676 TDTCP - ok
16:03:23.0441 7676 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:03:23.0471 7676 tdx - ok
16:03:23.0501 7676 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:03:23.0531 7676 TermDD - ok
16:03:23.0581 7676 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:03:23.0611 7676 TermService - ok
16:03:23.0621 7676 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:03:23.0631 7676 Themes - ok
16:03:23.0641 7676 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:03:23.0641 7676 THREADORDER - ok
16:03:23.0661 7676 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:03:23.0661 7676 TrkWks - ok
16:03:23.0711 7676 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:03:23.0711 7676 TrustedInstaller - ok
16:03:23.0741 7676 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:03:23.0771 7676 tssecsrv - ok
16:03:23.0821 7676 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:03:23.0841 7676 TsUsbFlt - ok
16:03:23.0901 7676 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:03:23.0931 7676 tunnel - ok
16:03:24.0091 7676 TunngleService (f8302e3e534af5e3f2588a974bea80df) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
16:03:24.0151 7676 TunngleService - ok
16:03:24.0171 7676 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:03:24.0181 7676 uagp35 - ok
16:03:24.0221 7676 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:03:24.0251 7676 udfs - ok
16:03:24.0271 7676 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:03:24.0271 7676 UI0Detect - ok
16:03:24.0301 7676 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:03:24.0301 7676 uliagpkx - ok
16:03:24.0381 7676 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:03:24.0431 7676 umbus - ok
16:03:24.0481 7676 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:03:24.0481 7676 UmPass - ok
16:03:24.0511 7676 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:03:24.0511 7676 upnphost - ok
16:03:24.0551 7676 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:03:24.0581 7676 usbccgp - ok
16:03:24.0631 7676 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:03:24.0641 7676 usbcir - ok
16:03:24.0671 7676 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:03:24.0701 7676 usbehci - ok
16:03:24.0721 7676 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:03:24.0751 7676 usbhub - ok
16:03:24.0761 7676 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:03:24.0791 7676 usbohci - ok
16:03:24.0801 7676 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:03:24.0801 7676 usbprint - ok
16:03:24.0841 7676 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:03:24.0871 7676 USBSTOR - ok
16:03:24.0871 7676 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
16:03:24.0901 7676 usbuhci - ok
16:03:24.0911 7676 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:03:24.0911 7676 UxSms - ok
16:03:24.0941 7676 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:03:24.0941 7676 VaultSvc - ok
16:03:24.0951 7676 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:03:24.0951 7676 vdrvroot - ok
16:03:25.0001 7676 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:03:25.0001 7676 vds - ok
16:03:25.0021 7676 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:03:25.0021 7676 vga - ok
16:03:25.0021 7676 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:03:25.0031 7676 VgaSave - ok
16:03:25.0061 7676 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:03:25.0101 7676 vhdmp - ok
16:03:25.0121 7676 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:03:25.0121 7676 viaide - ok
16:03:25.0141 7676 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:03:25.0181 7676 volmgr - ok
16:03:25.0221 7676 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:03:25.0261 7676 volmgrx - ok
16:03:25.0281 7676 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:03:25.0291 7676 volsnap - ok
16:03:25.0331 7676 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:03:25.0331 7676 vsmraid - ok
16:03:25.0421 7676 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:03:25.0421 7676 VSS - ok
16:03:25.0481 7676 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:03:25.0481 7676 vwifibus - ok
16:03:25.0531 7676 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:03:25.0531 7676 vwififlt - ok
16:03:25.0571 7676 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:03:25.0581 7676 vwifimp - ok
16:03:25.0601 7676 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:03:25.0611 7676 W32Time - ok
16:03:25.0621 7676 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:03:25.0621 7676 WacomPen - ok
16:03:25.0671 7676 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:03:25.0701 7676 WANARP - ok
16:03:25.0711 7676 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:03:25.0721 7676 Wanarpv6 - ok
16:03:25.0801 7676 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:03:25.0841 7676 WatAdminSvc - ok
16:03:25.0931 7676 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:03:25.0971 7676 wbengine - ok
16:03:26.0021 7676 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:03:26.0021 7676 WbioSrvc - ok
16:03:26.0071 7676 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:03:26.0091 7676 wcncsvc - ok
16:03:26.0111 7676 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:03:26.0121 7676 WcsPlugInService - ok
16:03:26.0131 7676 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:03:26.0131 7676 Wd - ok
16:03:26.0171 7676 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:03:26.0231 7676 Wdf01000 - ok
16:03:26.0261 7676 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:03:26.0261 7676 WdiServiceHost - ok
16:03:26.0271 7676 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:03:26.0271 7676 WdiSystemHost - ok
16:03:26.0301 7676 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:03:26.0321 7676 WebClient - ok
16:03:26.0341 7676 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:03:26.0351 7676 Wecsvc - ok
16:03:26.0361 7676 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:03:26.0361 7676 wercplsupport - ok
16:03:26.0401 7676 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:03:26.0401 7676 WerSvc - ok
16:03:26.0451 7676 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:03:26.0451 7676 WfpLwf - ok
16:03:26.0461 7676 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:03:26.0461 7676 WIMMount - ok
16:03:26.0481 7676 WinDefend - ok
16:03:26.0491 7676 WinHttpAutoProxySvc - ok
16:03:26.0531 7676 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:03:26.0531 7676 Winmgmt - ok
16:03:26.0631 7676 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:03:26.0671 7676 WinRM - ok
16:03:26.0791 7676 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:03:26.0791 7676 Wlansvc - ok
16:03:26.0971 7676 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:03:27.0031 7676 wlidsvc - ok
16:03:27.0081 7676 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:03:27.0081 7676 WmiAcpi - ok
16:03:27.0101 7676 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:03:27.0111 7676 wmiApSrv - ok
16:03:27.0111 7676 WMPNetworkSvc - ok
16:03:27.0121 7676 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:03:27.0121 7676 WPCSvc - ok
16:03:27.0161 7676 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:03:27.0181 7676 WPDBusEnum - ok
16:03:27.0191 7676 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:03:27.0191 7676 ws2ifsl - ok
16:03:27.0211 7676 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:03:27.0211 7676 wscsvc - ok
16:03:27.0211 7676 WSearch - ok
16:03:27.0331 7676 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:03:27.0371 7676 wuauserv - ok
16:03:27.0421 7676 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:03:27.0451 7676 WudfPf - ok
16:03:27.0501 7676 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:03:27.0531 7676 WUDFRd - ok
16:03:27.0561 7676 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:03:27.0581 7676 wudfsvc - ok
16:03:27.0591 7676 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:03:27.0601 7676 WwanSvc - ok
16:03:27.0871 7676 X6va005 - ok
16:03:27.0911 7676 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:03:27.0941 7676 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
16:03:27.0941 7676 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
16:03:27.0961 7676 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:03:27.0961 7676 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:03:27.0991 7676 Boot (0x1200) (55135bd8bff6bc80e2fcdb526769eaff) \Device\Harddisk0\DR0\Partition0
16:03:27.0991 7676 \Device\Harddisk0\DR0\Partition0 - ok
16:03:27.0991 7676 Boot (0x1200) (9555a9bd3e74ba80705b688ba0afd5f2) \Device\Harddisk0\DR0\Partition1
16:03:27.0991 7676 \Device\Harddisk0\DR0\Partition1 - ok
16:03:27.0991 7676 ============================================================
16:03:27.0991 7676 Scan finished
16:03:27.0991 7676 ============================================================
16:03:28.0001 6624 Detected object count: 2
16:03:28.0001 6624 Actual detected object count: 2
16:04:17.0551 6624 \Device\Harddisk0\DR0\# - copied to quarantine
16:04:17.0551 6624 \Device\Harddisk0\DR0 - copied to quarantine
16:04:17.0611 6624 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:04:17.0721 6624 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
16:04:17.0751 6624 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
16:04:22.0341 6624 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
16:04:22.0371 6624 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:04:26.0561 6624 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:04:26.0601 6624 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
16:04:26.0661 6624 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:04:26.0661 6624 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
16:04:26.0671 6624 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:04:26.0711 6624 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:04:26.0781 6624 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
16:04:26.0781 6624 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
16:04:26.0791 6624 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
16:04:26.0821 6624 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:04:26.0981 6624 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
16:04:27.0001 6624 \Device\Harddisk0\DR0 - ok
16:04:27.0001 6624 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
16:04:27.0001 6624 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:04:27.0001 6624 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

****end****


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/07/2012 at 04:31 PM

Application Version : 5.5.1006

Core Rules Database Version : 8862
Trace Rules Database Version: 6674

Scan type : Complete Scan
Total Scan Time : 00:06:35

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 814
Memory threats detected : 0
Registry items scanned : 66250
Registry threats detected : 22
File items scanned : 13588
File threats detected : 447

Adware.HBHelper
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ProgID
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\TypeLib
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\VersionIndependentProgID
(x86) HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
(x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
(x86) HKCR\URLSearchHook.ToolbarURLSearchHook.1
(x86) HKCR\URLSearchHook.ToolbarURLSearchHook.1\CLSID
(x86) HKCR\URLSearchHook.ToolbarURLSearchHook
(x86) HKCR\URLSearchHook.ToolbarURLSearchHook\CLSID
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0\win32
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\FLAGS
(x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\HELPDIR
C:\PROGRAM FILES (X86)\DEALBULLDOG TOOLBAR\TBHELPER.DLL

Browser Hijacker.Deskbar
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
(x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

Adware.Tracking Cookie
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@a1.interclick[1].txt [ /a1.interclick ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@accounts.google[1].txt [ /accounts.google ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ad.360yield[2].txt [ /ad.360yield ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ad.wsod[2].txt [ /ad.wsod ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ad.yieldmanager[2].txt [ /ad.yieldmanager ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@adbrite[2].txt [ /adbrite ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@adfarm1.adition[2].txt [ /adfarm1.adition ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@adlegend[2].txt [ /adlegend ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.ad4game[2].txt [ /ads.ad4game ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.advancedmn[1].txt [ /ads.advancedmn ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.bridgetrack[1].txt [ /ads.bridgetrack ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.intergi[1].txt [ /ads.intergi ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.networldmedia[1].txt [ /ads.networldmedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.pointroll[2].txt [ /ads.pointroll ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.pubmatic[1].txt [ /ads.pubmatic ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ads.undertone[1].txt [ /ads.undertone ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@adserv.rotator.hadj7.adjuggler[1].txt [ /adserv.rotator.hadj7.adjuggler ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@adserver.adtechus[1].txt [ /adserver.adtechus ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@adserver1.w00tmedia[1].txt [ /adserver1.w00tmedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@adtech[1].txt [ /adtech ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@advertising[1].txt [ /advertising ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@adxpose[1].txt [ /adxpose ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@adxpose[2].txt [ /adxpose ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@apmebf[2].txt [ /apmebf ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ar.atwola[1].txt [ /ar.atwola ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@assist.mediacomcable[1].txt [ /assist.mediacomcable ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@at.atwola[2].txt [ /at.atwola ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@atdmt[1].txt [ /atdmt ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@azjmp[2].txt [ /azjmp ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@beacon.dmsinsights[1].txt [ /beacon.dmsinsights ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@beacon.dmsinsights[3].txt [ /beacon.dmsinsights ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@brandspotmedia[1].txt [ /brandspotmedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@bs.serving-sys[1].txt [ /bs.serving-sys ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@burstbeacon[1].txt [ /burstbeacon ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@burstbeacon[3].txt [ /burstbeacon ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@burstnet[1].txt [ /burstnet ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@c.gigcount[1].txt [ /c.gigcount ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@casalemedia[2].txt [ /casalemedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@cdn1.trafficmp[2].txt [ /cdn1.trafficmp ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@citi.bridgetrack[2].txt [ /citi.bridgetrack ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@citi.bridgetrack[3].txt [ /citi.bridgetrack ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@clickbank[1].txt [ /clickbank ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@collective-media[2].txt [ /collective-media ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@content.yieldmanager[1].txt [ /content.yieldmanager ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@content.yieldmanager[3].txt [ /content.yieldmanager ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@dc.tremormedia[1].txt [ /dc.tremormedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@doubleclick[2].txt [ /doubleclick ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@edgeadx[1].txt [ /edgeadx ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@eyewonder[1].txt [ /eyewonder ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@fastclick[2].txt [ /fastclick ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@gametracker[1].txt [ /gametracker ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@gametracker[2].txt [ /gametracker ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@gametracker[3].txt [ /gametracker ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@googleads.g.doubleclick[1].txt [ /googleads.g.doubleclick ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@gr.burstnet[1].txt [ /gr.burstnet ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@hearstmagazines.112.2o7[1].txt [ /hearstmagazines.112.2o7 ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@hhm.rotator.hadj7.adjuggler[2].txt [ /hhm.rotator.hadj7.adjuggler ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@homestore.122.2o7[1].txt [ /homestore.122.2o7 ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@hotlog[1].txt [ /hotlog ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@imrworldwide[2].txt [ /imrworldwide ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@in.getclicky[1].txt [ /in.getclicky ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@insightexpressai[2].txt [ /insightexpressai ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@interclick[1].txt [ /interclick ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@intermundomedia[2].txt [ /intermundomedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@invitemedia[2].txt [ /invitemedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@kontera[1].txt [ /kontera ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@legolas-media[1].txt [ /legolas-media ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@lucidmedia[1].txt [ /lucidmedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@lucidmedia[3].txt [ /lucidmedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@lucidmedia[4].txt [ /lucidmedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@media.adfrontiers[1].txt [ /media.adfrontiers ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@media.adfrontiers[2].txt [ /media.adfrontiers ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@media6degrees[1].txt [ /media6degrees ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@mediabrandsww[1].txt [ /mediabrandsww ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@mediabrandsww[2].txt [ /mediabrandsww ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@mediacomcable[1].txt [ /mediacomcable ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@mediacomtoday[1].txt [ /mediacomtoday ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@mediafire[1].txt [ /mediafire ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@mediaplex[2].txt [ /mediaplex ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@mediaservices-d.openxenterprise[2].txt [ /mediaservices-d.openxenterprise ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@microsofthalo.122.2o7[1].txt [ /microsofthalo.122.2o7 ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@networldmedia[2].txt [ /networldmedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@pointroll[2].txt [ /pointroll ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@pro-market[2].txt [ /pro-market ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@questionmarket[1].txt [ /questionmarket ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@questionmarket[3].txt [ /questionmarket ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@r1-ads.ace.advertising[2].txt [ /r1-ads.ace.advertising ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@realmedia[2].txt [ /realmedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@rev.remnantmedianetwork[2].txt [ /rev.remnantmedianetwork ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@revsci[1].txt [ /revsci ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@rotator.adjuggler[1].txt [ /rotator.adjuggler ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ru4[1].txt [ /ru4 ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@searchassist.mediacomcable[2].txt [ /searchassist.mediacomcable ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@server.cpmstar[1].txt [ /server.cpmstar ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@server.cpmstar[2].txt [ /server.cpmstar ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@serving-sys[1].txt [ /serving-sys ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@sexual-lobster.newgrounds[1].txt [ /sexual-lobster.newgrounds ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@solvemedia[2].txt [ /solvemedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@solvemedia[3].txt [ /solvemedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@specificclick[1].txt [ /specificclick ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@spylog[1].txt [ /spylog ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@statcounter[2].txt [ /statcounter ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@stats.ilivid[1].txt [ /stats.ilivid ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@synacor.112.2o7[1].txt [ /synacor.112.2o7 ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@tacoda.at.atwola[2].txt [ /tacoda.at.atwola ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@tracking.hostgator[1].txt [ /tracking.hostgator ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@trackit.sitescout[2].txt [ /trackit.sitescout ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@trafficking.nabbr[1].txt [ /trafficking.nabbr ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@trafficmp[1].txt [ /trafficmp ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@tribalfusion[2].txt [ /tribalfusion ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@user.lucidmedia[1].txt [ /user.lucidmedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@vitamine.networldmedia[1].txt [ /vitamine.networldmedia ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@web-traffic-analysis[1].txt [ /web-traffic-analysis ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.burstbeacon[1].txt [ /www.burstbeacon ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.burstnet[2].txt [ /www.burstnet ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.gametracker[1].txt [ /www.gametracker ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.googleadservices[2].txt [ /www.googleadservices ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.mediacomtoday[2].txt [ /www.mediacomtoday ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@www.mediafire[2].txt [ /www.mediafire ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@yadro[2].txt [ /yadro ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@yieldmanager[1].txt [ /yieldmanager ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@zedo[2].txt [ /zedo ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\chris@ziggymedia.go2cloud[2].txt [ /ziggymedia.go2cloud ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\A4PKZWF8.txt [ /advertising.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\KZAMT6PD.txt [ /myroitracking.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\I83JWNSH.txt [ /apmebf.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\RQ8ANQA8.txt [ /pointroll.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\7W41VSUY.txt [ /www.mediafire.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\D9J7BCWN.txt [ /yieldmanager.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\DOGUW2QI.txt [ /tribalfusion.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\FBT0PXHJ.txt [ /www.mediafire-links.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\X7FK9ID4.txt [ /collective-media.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\E2TFOCY1.txt [ /adlegend.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\H2871U5U.txt [ /adserver1.w00tmedia.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\FZE8WOG3.txt [ /zedo.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\Y4ER4SLE.txt [ /xm.xtendmedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\MZALUAXC.txt [ /media6degrees.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\YPJMY4IX.txt [ /eyewonder.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\DX5WVWD0.txt [ /synacor.112.2o7.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\FWFU5FTB.txt [ /mtvn.112.2o7.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\1OZ1203J.txt [ /adtech.de ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\GWMVG98R.txt [ /burstnet.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\UOC1L5FX.txt [ /imrworldwide.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\NIQAZTFO.txt [ /trafficmp.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\GMIERO0V.txt [ /mediafire.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\ALI697YX.txt [ /adserver.adtechus.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\LX8UU5FD.txt [ /accounts.google.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\91MH0XOH.txt [ /ad1.adtitan.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\GEYETJ4N.txt [ /in.getclicky.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\I2OYSABR.txt [ /a1.interclick.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\WYFICOU0.txt [ /ads.pubmatic.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\4DB38JP6.txt [ /eaeacom.112.2o7.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\SOOZ6EPJ.txt [ /ads.pointroll.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\RRM58ECW.txt [ /intermundomedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\J21BLI9C.txt [ /weborama.fr ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\ROETLOCS.txt [ /realmedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\U6Q2X5QU.txt [ /interclick.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\J7D1J5NC.txt [ /linksynergy.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\41UCAYSL.txt [ /mm.chitika.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\UOFGU845.txt [ /accounts.google.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\9U05JP8A.txt [ /pro-market.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\BDEMBUXO.txt [ /insightexpressai.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\1EV1DVHA.txt [ /clicksor.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\U1UUSKM2.txt [ /adinterax.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\U8ACX7AJ.txt [ /questionmarket.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\0M4GS60L.txt [ /assist.mediacomcable.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\P6K884T6.txt [ /lfstmedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\MO51W2QN.txt [ /akamai.interclickproxy.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\JZ4BVZJI.txt [ /ads.undertone.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\WOAT1GZG.txt [ /ad.yieldmanager.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\4TYRNX4J.txt [ /sdabocconi.solution.weborama.fr ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\KA5OM8JO.txt [ /rakuten.112.2o7.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\L1GC12MD.txt [ /fastclick.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\48694CEG.txt [ /paypal.112.2o7.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\CEGSF8RL.txt [ /mediacomtoday.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\4QLOABWO.txt [ /content.yieldmanager.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\8C46HPCQ.txt [ /bs.serving-sys.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\ZH1N02WR.txt [ /adxpansion.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\MHZ0BQKK.txt [ /ads.ad4game.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\YHW6HHEX.txt [ /c.atdmt.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\MIBAVRYL.txt [ /ru4.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\Q983419I.txt [ /invitemedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\1EXKLQ2K.txt [ /sexual-lobster.newgrounds.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\M31VMY70.txt [ /openstat.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\4O30ZP8H.txt [ /atdmt.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\Q5EFFP64.txt [ /lucidmedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\Y1RRBYNN.txt [ /ad2.adfarm1.adition.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\LVIHM1XA.txt [ /ad.adperium.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\QHX787RO.txt [ /mediaservices-d.openxenterprise.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\SN0XP63K.txt [ /www.burstnet.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\OCTGFC4Q.txt [ /advertising.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\FC8EHQ1C.txt [ /doubleclick.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\VH0VXF1H.txt [ /histats.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\U4MAHNX1.txt [ /ads.eurogamer.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\4BHJWI0D.txt [ /statcounter.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\UUUCH7EV.txt [ /fidelity.rotator.hadj7.adjuggler.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\MSWCTCOE.txt [ /specificclick.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\QBAOSVLY.txt [ /purebluemedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\8XMH6LST.txt [ /adbrite.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\OF59B1QU.txt [ /revsci.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\03VYS9YX.txt [ /azjmp.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\9J3V9EIJ.txt [ /dc.tremormedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\VK7L6XWH.txt [ /amazon-adsystem.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\5197HUUM.txt [ /serving-sys.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\VXQNFI7Q.txt [ /ads.intelco.com.br ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\G30PS3LH.txt [ /ero-advertising.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\T4G30YDI.txt [ /exoclick.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\723CG530.txt [ /kontera.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\X76CS2NZ.txt [ /pornoeye.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\Z9W6RTI2.txt [ /crackle.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\4A2920R8.txt [ /www.cracked.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\E66SWCI1.txt [ /uk.sitestat.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\BSS8QRGD.txt [ /accounts.google.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\AWH12MQH.txt [ /at.atwola.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\3NH90SMF.txt [ /ar.atwola.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\M0VKCFVK.txt [ /adfarm1.adition.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\DAU315PA.txt [ /lego.112.2o7.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\O8HZIBWQ.txt [ /www.crackle.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\4EA8S3TR.txt [ /mediaplex.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\05W5PTTW.txt [ /accounts.google.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\U69Y966B.txt [ /userporn.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\C0N7PALC.txt [ /gandermountain.112.2o7.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\XUCXFC9O.txt [ /ad.mxtv.co.jp ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\JO3H0U80.txt [ /ads.us.e-planning.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\1N0WGN3G.txt [ /accounts.youtube.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\LUVJA3UF.txt [ /searchassist.mediacomcable.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\HHAZQBL6.txt [ /www.burstbeacon.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\FYPJCZOO.txt [ /server.cpmstar.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\0IX93QRE.txt [ /kanoodle.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\DLSL955U.txt [ /casalemedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\X6RQMRI5.txt [ /aim4media.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\JVJZ2OTV.txt [ /romnation.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\VBTN450A.txt [ /www.sextronix.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\LFYZPIXZ.txt [ /mediaforge.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\AR764D6P.txt [ /microsoftsto.112.2o7.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\N3P1FO2G.txt [ /sexfortunegames.newgrounds.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\2IS62BR9.txt [ /burstbeacon.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\DFFCZ9PZ.txt [ /account.hirezstudios.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\7XEKGZUG.txt [ /ads.intergi.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\EDSZQPGQ.txt [ /www.googleadservices.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\7KLQC9AY.txt [ /ad.360yield.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\Y2S2WJ3L.txt [ /tradedoubler.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\81TU3KWE.txt [ /ads.adk2.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\G2218I46.txt [ /legolas-media.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\R05S3KLK.txt [ /publishers.domainadvertising.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\M13T719G.txt [ /gsimedia.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\FFOUSE3S.txt [ /adv.cosplay.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\BVUXE3RP.txt [ /account.live.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\MNQOZK8K.txt [ /openstat.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\Y07AKRMA.txt [ /ads.saymedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\0FZ5G3IB.txt [ /media.xfire.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\D14PW3B4.txt [ /c1.atdmt.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\8WP3N30L.txt [ /www.mediafiregames4free.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\EKISVCV6.txt [ /cracked.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\TTAP8EM4.txt [ /openx1.overadmedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\L1RB5AHD.txt [ /ads.gamerpublishing.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\A2SSA5CF.txt [ /ads.newgrounds.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\B6OSFKBP.txt [ /www.crackle.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\G86JMNMK.txt [ /overtons.112.2o7.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\YC9P82ZX.txt [ /247realmedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\MH8QC6DK.txt [ /ads.creative-serving.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\L9T28WXQ.txt [ /uk.sitestat.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\WH8QV4G7.txt [ /click.findsearchengineresults.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\WI0B2ZN4.txt [ /stats.paypal.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\ZE4G26VZ.txt [ /ads2.zeusclicks.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\LZ75DIO9.txt [ /adserver.valwa.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\YDVVMBXR.txt [ /googleads.g.doubleclick.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\QDGAF7IK.txt [ /network.realmedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\K6WD5BM9.txt [ /d.mediaforge.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\4IYGXMHI.txt [ /martiniadnetwork.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\J6TFIJ4S.txt [ /nextag.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\C2EOOT4F.txt [ /statse.webtrendslive.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\EVNMLIPA.txt [ /mediacomcable.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\F6UU1SOM.txt [ /yieldmanager.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\1N9BEHKM.txt [ /www.googleadservices.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\WJVITSFN.txt [ /media.photobucket.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\52Q4L8MI.txt [ /dmtracker.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\L7SWSP8A.txt [ /pfa.rotator.hadj7.adjuggler.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\7DR24342.txt [ /www.googleadservices.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\B0MGLZ4W.txt [ /tacoda.at.atwola.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\WWY1BBWO.txt [ /tacoda.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\3H88PQ1N.txt [ /www.mediacomtoday.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\BCE5YH16.txt [ /ads.msv-inc.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\KH20774R.txt [ /ads.glispa.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\T2DL5735.txt [ /clickbooth.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\SX5ZN2Z3.txt [ /ads.bleepingcomputer.com ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\6KUTP7AQ.txt [ Cookie:chris@www.google.com/accounts ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\1D9BJD88.txt [ Cookie:chris@google.com/accounts/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\chris@armorgames[6].txt [ Cookie:chris@armorgames.com/doubleclick/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\7YCAPKHG.txt [ Cookie:chris@static2.animeseason.com/ads/vcm/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@dc.tremormedia[2].txt [ Cookie:chris@dc.tremormedia.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@pointroll[2].txt [ Cookie:chris@pointroll.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@yieldmanager[1].txt [ Cookie:chris@yieldmanager.net/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@collective-media[2].txt [ Cookie:chris@collective-media.net/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@synacor.112.2o7[1].txt [ Cookie:chris@synacor.112.2o7.net/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@adserver.adtechus[1].txt [ Cookie:chris@adserver.adtechus.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@solvemedia[2].txt [ Cookie:chris@solvemedia.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@ads.pointroll[2].txt [ Cookie:chris@ads.pointroll.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@searchassist.mediacomcable[1].txt [ Cookie:chris@searchassist.mediacomcable.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@interclick[2].txt [ Cookie:chris@interclick.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@www.mediacomtoday[1].txt [ Cookie:chris@www.mediacomtoday.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@realmedia[1].txt [ Cookie:chris@realmedia.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@www.mediacom[2].txt [ Cookie:chris@www.mediacom.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@content.yieldmanager[3].txt [ Cookie:chris@content.yieldmanager.com/ak/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@adinterax[2].txt [ Cookie:chris@adinterax.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@insightexpressai[2].txt [ Cookie:chris@insightexpressai.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@assist.mediacomcable[1].txt [ Cookie:chris@assist.mediacomcable.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@ad.yieldmanager[1].txt [ Cookie:chris@ad.yieldmanager.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@mediacom[1].txt [ Cookie:chris@mediacom.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@fastclick[1].txt [ Cookie:chris@fastclick.net/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@mediacomtoday[1].txt [ Cookie:chris@mediacomtoday.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@content.yieldmanager[2].txt [ Cookie:chris@content.yieldmanager.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@mediacomcable[2].txt [ Cookie:chris@mediacomcable.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@ru4[1].txt [ Cookie:chris@ru4.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@trackit.sitescout[2].txt [ Cookie:chris@trackit.sitescout.com/ ]
C:\USERS\CHRIS\AppData\Roaming\Microsoft\Windows\Cookies\Low\chris@advertising[2].txt [ Cookie:chris@advertising.com/ ]
C:\USERS\CHRIS\Cookies\A4PKZWF8.txt [ Cookie:chris@advertising.com/ ]
C:\USERS\CHRIS\Cookies\RQ8ANQA8.txt [ Cookie:chris@pointroll.com/ ]
C:\USERS\CHRIS\Cookies\7W41VSUY.txt [ Cookie:chris@www.mediafire.com/ ]
C:\USERS\CHRIS\Cookies\D9J7BCWN.txt [ Cookie:chris@yieldmanager.net/ ]
C:\USERS\CHRIS\Cookies\DOGUW2QI.txt [ Cookie:chris@tribalfusion.com/ ]
C:\USERS\CHRIS\Cookies\FBT0PXHJ.txt [ Cookie:chris@www.mediafire-links.com/ ]
C:\USERS\CHRIS\Cookies\X7FK9ID4.txt [ Cookie:chris@collective-media.net/ ]
C:\USERS\CHRIS\Cookies\chris@c.gigcount[1].txt [ Cookie:chris@c.gigcount.com/ ]
C:\USERS\CHRIS\Cookies\H2871U5U.txt [ Cookie:chris@adserver1.w00tmedia.net/ ]
C:\USERS\CHRIS\Cookies\YPJMY4IX.txt [ Cookie:chris@eyewonder.com/ ]
C:\USERS\CHRIS\Cookies\DX5WVWD0.txt [ Cookie:chris@synacor.112.2o7.net/ ]
C:\USERS\CHRIS\Cookies\chris@mediabrandsww[1].txt [ Cookie:chris@mediabrandsww.com/ ]
C:\USERS\CHRIS\Cookies\chris@adxpose[2].txt [ Cookie:chris@adxpose.com/ ]
C:\USERS\CHRIS\Cookies\FWFU5FTB.txt [ Cookie:chris@mtvn.112.2o7.net/ ]
C:\USERS\CHRIS\Cookies\1OZ1203J.txt [ Cookie:chris@adtech.de/ ]
C:\USERS\CHRIS\Cookies\GWMVG98R.txt [ Cookie:chris@burstnet.com/ ]
C:\USERS\CHRIS\Cookies\chris@citi.bridgetrack[3].txt [ Cookie:chris@citi.bridgetrack.com/ ]
C:\USERS\CHRIS\Cookies\NIQAZTFO.txt [ Cookie:chris@trafficmp.com/ ]
C:\USERS\CHRIS\Cookies\GMIERO0V.txt [ Cookie:chris@mediafire.com/ ]
C:\USERS\CHRIS\Cookies\chris@web-traffic-analysis[1].txt [ Cookie:chris@web-traffic-analysis.com/ ]
C:\USERS\CHRIS\Cookies\ALI697YX.txt [ Cookie:chris@adserver.adtechus.com/ ]
C:\USERS\CHRIS\Cookies\chris@solvemedia[3].txt [ Cookie:chris@solvemedia.com/ ]
C:\USERS\CHRIS\Cookies\LX8UU5FD.txt [ Cookie:chris@accounts.google.com/accounts/ ]
C:\USERS\CHRIS\Cookies\chris@brandspotmedia[1].txt [ Cookie:chris@brandspotmedia.com/ ]
C:\USERS\CHRIS\Cookies\SOOZ6EPJ.txt [ Cookie:chris@ads.pointroll.com/ ]
C:\USERS\CHRIS\Cookies\RRM58ECW.txt [ Cookie:chris@intermundomedia.com/ ]
C:\USERS\CHRIS\Cookies\J21BLI9C.txt [ Cookie:chris@weborama.fr/ ]
C:\USERS\CHRIS\Cookies\ROETLOCS.txt [ Cookie:chris@realmedia.com/ ]
C:\USERS\CHRIS\Cookies\U6Q2X5QU.txt [ Cookie:chris@interclick.com/ ]
C:\USERS\CHRIS\Cookies\chris@ads.bridgetrack[1].txt [ Cookie:chris@ads.bridgetrack.com/ ]
C:\USERS\CHRIS\Cookies\J7D1J5NC.txt [ Cookie:chris@linksynergy.com/ ]
C:\USERS\CHRIS\Cookies\41UCAYSL.txt [ Cookie:chris@mm.chitika.net/ ]
C:\USERS\CHRIS\Cookies\9U05JP8A.txt [ Cookie:chris@pro-market.net/ ]
C:\USERS\CHRIS\Cookies\BDEMBUXO.txt [ Cookie:chris@insightexpressai.com/ ]
C:\USERS\CHRIS\Cookies\1EV1DVHA.txt [ Cookie:chris@clicksor.com/ ]
C:\USERS\CHRIS\Cookies\U1UUSKM2.txt [ Cookie:chris@adinterax.com/ ]
C:\USERS\CHRIS\Cookies\U8ACX7AJ.txt [ Cookie:chris@questionmarket.com/ ]
C:\USERS\CHRIS\Cookies\0M4GS60L.txt [ Cookie:chris@assist.mediacomcable.com/ ]
C:\USERS\CHRIS\Cookies\P6K884T6.txt [ Cookie:chris@lfstmedia.com/ ]
C:\USERS\CHRIS\Cookies\6KUTP7AQ.txt [ Cookie:chris@www.google.com/accounts ]
C:\USERS\CHRIS\Cookies\WOAT1GZG.txt [ Cookie:chris@ad.yieldmanager.com/ ]
C:\USERS\CHRIS\Cookies\4TYRNX4J.txt [ Cookie:chris@sdabocconi.solution.weborama.fr/ ]
C:\USERS\CHRIS\Cookies\L1GC12MD.txt [ Cookie:chris@fastclick.net/ ]
C:\USERS\CHRIS\Cookies\CEGSF8RL.txt [ Cookie:chris@mediacomtoday.com/ ]
C:\USERS\CHRIS\Cookies\4QLOABWO.txt [ Cookie:chris@content.yieldmanager.com/ ]
C:\USERS\CHRIS\Cookies\ZH1N02WR.txt [ Cookie:chris@adxpansion.com/ ]
C:\USERS\CHRIS\Cookies\YHW6HHEX.txt [ Cookie:chris@c.atdmt.com/ ]
C:\USERS\CHRIS\Cookies\MIBAVRYL.txt [ Cookie:chris@ru4.com/ ]
C:\USERS\CHRIS\Cookies\chris@tracking.hostgator[1].txt [ Cookie:chris@tracking.hostgator.com/ ]
C:\USERS\CHRIS\Cookies\1EXKLQ2K.txt [ Cookie:chris@sexual-lobster.newgrounds.com/ ]
C:\USERS\CHRIS\Cookies\M31VMY70.txt [ Cookie:chris@openstat.net/ ]
C:\USERS\CHRIS\Cookies\QHX787RO.txt [ Cookie:chris@mediaservices-d.openxenterprise.com/ ]
C:\USERS\CHRIS\Cookies\SN0XP63K.txt [ Cookie:chris@www.burstnet.com/ ]
C:\USERS\CHRIS\Cookies\OCTGFC4Q.txt [ Cookie:chris@advertising.com/ ]
C:\USERS\CHRIS\Cookies\FC8EHQ1C.txt [ Cookie:chris@doubleclick.net/ ]
C:\USERS\CHRIS\Cookies\VH0VXF1H.txt [ Cookie:chris@histats.com/ ]
C:\USERS\CHRIS\Cookies\chris@microsofthalo.122.2o7[1].txt [ Cookie:chris@microsofthalo.122.2o7.net/ ]
C:\USERS\CHRIS\Cookies\chris@media.adfrontiers[1].txt [ Cookie:chris@media.adfrontiers.com/ ]
C:\USERS\CHRIS\Cookies\4BHJWI0D.txt [ Cookie:chris@statcounter.com/ ]
C:\USERS\CHRIS\Cookies\UUUCH7EV.txt [ Cookie:chris@fidelity.rotator.hadj7.adjuggler.net/ ]
C:\USERS\CHRIS\Cookies\MSWCTCOE.txt [ Cookie:chris@specificclick.net/ ]
C:\USERS\CHRIS\Cookies\QBAOSVLY.txt [ Cookie:chris@purebluemedia.com/ ]
C:\USERS\CHRIS\Cookies\OF59B1QU.txt [ Cookie:chris@revsci.net/ ]
C:\USERS\CHRIS\Cookies\03VYS9YX.txt [ Cookie:chris@azjmp.com/ ]
C:\USERS\CHRIS\Cookies\1D9BJD88.txt [ Cookie:chris@google.com/accounts/ ]
C:\USERS\CHRIS\Cookies\chris@beacon.dmsinsights[3].txt [ Cookie:chris@beacon.dmsinsights.com/ ]
C:\USERS\CHRIS\Cookies\9J3V9EIJ.txt [ Cookie:chris@dc.tremormedia.com/ ]
C:\USERS\CHRIS\Cookies\VK7L6XWH.txt [ Cookie:chris@amazon-adsystem.com/ ]
C:\USERS\CHRIS\Cookies\5197HUUM.txt [ Cookie:chris@serving-sys.com/ ]
C:\USERS\CHRIS\Cookies\G30PS3LH.txt [ Cookie:chris@ero-advertising.com/ ]
C:\USERS\CHRIS\Cookies\T4G30YDI.txt [ Cookie:chris@exoclick.com/ ]
C:\USERS\CHRIS\Cookies\723CG530.txt [ Cookie:chris@kontera.com/ ]
C:\USERS\CHRIS\Cookies\Z9W6RTI2.txt [ Cookie:chris@crackle.com/ ]
C:\USERS\CHRIS\Cookies\4A2920R8.txt [ Cookie:chris@www.cracked.com/ ]
C:\USERS\CHRIS\Cookies\E66SWCI1.txt [ Cookie:chris@uk.sitestat.com/future/pcgamer/ ]
C:\USERS\CHRIS\Cookies\chris@armorgames[6].txt [ Cookie:chris@armorgames.com/doubleclick/ ]
C:\USERS\CHRIS\Cookies\BSS8QRGD.txt [ Cookie:chris@accounts.google.com/ ]
C:\USERS\CHRIS\Cookies\AWH12MQH.txt [ Cookie:chris@at.atwola.com/ ]
C:\USERS\CHRIS\Cookies\3NH90SMF.txt [ Cookie:chris@ar.atwola.com/ ]
C:\USERS\CHRIS\Cookies\M0VKCFVK.txt [ Cookie:chris@adfarm1.adition.com/ ]
C:\USERS\CHRIS\Cookies\DAU315PA.txt [ Cookie:chris@lego.112.2o7.net/ ]
C:\USERS\CHRIS\Cookies\05W5PTTW.txt [ Cookie:chris@accounts.google.com/o ]
C:\USERS\CHRIS\Cookies\U69Y966B.txt [ Cookie:chris@userporn.com/ ]
C:\USERS\CHRIS\Cookies\C0N7PALC.txt [ Cookie:chris@gandermountain.112.2o7.net/ ]
C:\USERS\CHRIS\Cookies\1N0WGN3G.txt [ Cookie:chris@accounts.youtube.com/accounts ]
C:\USERS\CHRIS\Cookies\LUVJA3UF.txt [ Cookie:chris@searchassist.mediacomcable.com/ ]
C:\USERS\CHRIS\Cookies\chris@yadro[2].txt [ Cookie:chris@yadro.ru/ ]
C:\USERS\CHRIS\Cookies\HHAZQBL6.txt [ Cookie:chris@www.burstbeacon.com/ ]
C:\USERS\CHRIS\Cookies\FYPJCZOO.txt [ Cookie:chris@server.cpmstar.com/ ]
C:\USERS\CHRIS\Cookies\0IX93QRE.txt [ Cookie:chris@kanoodle.com/ ]
C:\USERS\CHRIS\Cookies\DLSL955U.txt [ Cookie:chris@casalemedia.com/ ]
C:\USERS\CHRIS\Cookies\X6RQMRI5.txt [ Cookie:chris@aim4media.com/ ]
C:\USERS\CHRIS\Cookies\JVJZ2OTV.txt [ Cookie:chris@romnation.net/ ]
C:\USERS\CHRIS\Cookies\VBTN450A.txt [ Cookie:chris@www.sextronix.com/hit/95/107738/11/1/cndp2/ ]
C:\USERS\CHRIS\Cookies\LFYZPIXZ.txt [ Cookie:chris@mediaforge.com/ ]
C:\USERS\CHRIS\Cookies\AR764D6P.txt [ Cookie:chris@microsoftsto.112.2o7.net/ ]
C:\USERS\CHRIS\Cookies\N3P1FO2G.txt [ Cookie:chris@sexfortunegames.newgrounds.com/ ]
C:\USERS\CHRIS\Cookies\2IS62BR9.txt [ Cookie:chris@burstbeacon.com/ ]
C:\USERS\CHRIS\Cookies\7YCAPKHG.txt [ Cookie:chris@static2.animeseason.com/ads/vcm/ ]
C:\USERS\CHRIS\Cookies\DFFCZ9PZ.txt [ Cookie:chris@account.hirezstudios.com/ ]
C:\USERS\CHRIS\Cookies\Y2S2WJ3L.txt [ Cookie:chris@tradedoubler.com/ ]
C:\USERS\CHRIS\Cookies\G2218I46.txt [ Cookie:chris@legolas-media.com/ ]
C:\USERS\CHRIS\Cookies\R05S3KLK.txt [ Cookie:chris@publishers.domainadvertising.com/ ]
C:\USERS\CHRIS\Cookies\BVUXE3RP.txt [ Cookie:chris@account.live.com/ ]
C:\USERS\CHRIS\Cookies\MNQOZK8K.txt [ Cookie:chris@openstat.net/ ]
C:\USERS\CHRIS\Cookies\Y07AKRMA.txt [ Cookie:chris@ads.saymedia.com/ ]
C:\USERS\CHRIS\Cookies\0FZ5G3IB.txt [ Cookie:chris@media.xfire.com/ ]
C:\USERS\CHRIS\Cookies\D14PW3B4.txt [ Cookie:chris@c1.atdmt.com/ ]
C:\USERS\CHRIS\Cookies\8WP3N30L.txt [ Cookie:chris@www.mediafiregames4free.com/ ]
C:\USERS\CHRIS\Cookies\TTAP8EM4.txt [ Cookie:chris@openx1.overadmedia.com/ ]
C:\USERS\CHRIS\Cookies\YC9P82ZX.txt [ Cookie:chris@247realmedia.com/ ]
C:\USERS\CHRIS\Cookies\L9T28WXQ.txt [ Cookie:chris@uk.sitestat.com/future/ ]
C:\USERS\CHRIS\Cookies\WI0B2ZN4.txt [ Cookie:chris@stats.paypal.com/ ]
C:\USERS\CHRIS\Cookies\ZE4G26VZ.txt [ Cookie:chris@ads2.zeusclicks.com/ ]
C:\USERS\CHRIS\Cookies\LZ75DIO9.txt [ Cookie:chris@adserver.valwa.com/ ]
C:\USERS\CHRIS\Cookies\YDVVMBXR.txt [ Cookie:chris@googleads.g.doubleclick.net/ ]
C:\USERS\CHRIS\Cookies\QDGAF7IK.txt [ Cookie:chris@network.realmedia.com/ ]
C:\USERS\CHRIS\Cookies\J6TFIJ4S.txt [ Cookie:chris@nextag.com/ ]
C:\USERS\CHRIS\Cookies\EVNMLIPA.txt [ Cookie:chris@mediacomcable.com/ ]
C:\USERS\CHRIS\Cookies\F6UU1SOM.txt [ Cookie:chris@yieldmanager.com/ ]
C:\USERS\CHRIS\Cookies\1N9BEHKM.txt [ Cookie:chris@www.googleadservices.com/pagead/conversion/1009279073/ ]
C:\USERS\CHRIS\Cookies\WJVITSFN.txt [ Cookie:chris@media.photobucket.com/ ]
C:\USERS\CHRIS\Cookies\52Q4L8MI.txt [ Cookie:chris@dmtracker.com/ ]
C:\USERS\CHRIS\Cookies\L7SWSP8A.txt [ Cookie:chris@pfa.rotator.hadj7.adjuggler.net/ ]
C:\USERS\CHRIS\Cookies\7DR24342.txt [ Cookie:chris@www.googleadservices.com/pagead/conversion/1003715244/ ]
C:\USERS\CHRIS\Cookies\B0MGLZ4W.txt [ Cookie:chris@tacoda.at.atwola.com/ ]
C:\USERS\CHRIS\Cookies\WWY1BBWO.txt [ Cookie:chris@tacoda.net/ ]
C:\USERS\CHRIS\Cookies\3H88PQ1N.txt [ Cookie:chris@www.mediacomtoday.com/ ]
C:\USERS\CHRIS\Cookies\T2DL5735.txt [ Cookie:chris@clickbooth.com/ ]

Trojan.Agent/Gen-Faker
C:\PROGRAM FILES (X86)\LEAF\‚¤‚½‚í‚ê‚é‚à‚ÌDVD”Å\UTAWARE-VOICE.DLL


**had to stop scan**



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/08/2012 at 03:10 PM

Application Version : 5.5.1006

Core Rules Database Version : 8862
Trace Rules Database Version: 6674

Scan type : Complete Scan
Total Scan Time : 01:03:51

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 833
Memory threats detected : 0
Registry items scanned : 66280
Registry threats detected : 0
File items scanned : 94911
File threats detected : 46

Adware.Tracking Cookie
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\NCOII4GK.txt [ /serving-sys.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\HB5WJXET.txt [ /at.atwola.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\774FUPDD.txt [ /server.cpmstar.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\QMO9H03J.txt [ /ad.yieldmanager.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\3BPSLF6V.txt [ /invitemedia.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\PGU672I3.txt [ /atdmt.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\CJ7RUOEP.txt [ /advertising.com ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\FVNA9LRI.txt [ /doubleclick.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\3T5YS0HO.txt [ /specificclick.net ]
C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Cookies\ZLJ3WHV4.txt [ /ads.intergi.com ]
C:\USERS\CHRIS\Cookies\NCOII4GK.txt [ Cookie:chris@serving-sys.com/ ]
C:\USERS\CHRIS\Cookies\HB5WJXET.txt [ Cookie:chris@at.atwola.com/ ]
C:\USERS\CHRIS\Cookies\774FUPDD.txt [ Cookie:chris@server.cpmstar.com/ ]
C:\USERS\CHRIS\Cookies\QMO9H03J.txt [ Cookie:chris@ad.yieldmanager.com/ ]
C:\USERS\CHRIS\Cookies\CJ7RUOEP.txt [ Cookie:chris@advertising.com/ ]
C:\USERS\CHRIS\Cookies\FVNA9LRI.txt [ Cookie:chris@doubleclick.net/ ]
C:\USERS\CHRIS\Cookies\3T5YS0HO.txt [ Cookie:chris@specificclick.net/ ]
ad.insightexpressai.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
ads2.msads.net [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
art.aim4media.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
cdn.eyewonder.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
cdn1.static.pornhub.phncdn.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
content.oddcast.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
content.yieldmanager.edgesuite.net [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
core.insightexpressai.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
countdownpage.createyourcountdown.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
crackle.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
ds.serving-sys.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
konac.kontera.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
media.ign.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
media.mtvnservices.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
media1.break.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
objects.tremormedia.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
s0.2mdn.net [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
secure-us.imrworldwide.com [ C:\USERS\CHRIS\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\RC9UNWW8 ]
cdn.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]
cdn2.baronsmedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]
core.insightexpressai.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]
crackle.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]
ds.serving-sys.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]
media.mtvnservices.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]
media.scanscout.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]
objects.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]
secure-us.imrworldwide.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]
tag.2bluemedia.hiro.tv [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]
www.9mediaonline.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\EVSXRC5S ]




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users